Module: Search::SearchRateLimitable

Extended by:
ActiveSupport::Concern
Includes:
Gitlab::Graphql::Authorize::AuthorizeResource
Defined in:
app/graphql/resolvers/concerns/search/search_rate_limitable.rb

Constant Summary

Constants included from Gitlab::Graphql::Authorize::AuthorizeResource

Gitlab::Graphql::Authorize::AuthorizeResource::ConfigurationError, Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR

Instance Method Summary collapse

Methods included from Gitlab::Graphql::Authorize::AuthorizeResource

#authorize!, #authorized_find!, #authorized_resource?, #find_object, #raise_resource_not_available_error!

Instance Method Details

#verify_search_rate_limit!(**args) ⇒ Object

Implement scope and search_params methods in the class which includes this concern.



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
# File 'app/graphql/resolvers/concerns/search/search_rate_limitable.rb', line 9

def verify_search_rate_limit!(**args)
  if current_user
    key = :search_rate_limit
    scope = [current_user, safe_search_scope(**args)].compact
    users_allowlist = Gitlab::CurrentSettings.current_application_settings.search_rate_limit_allowlist
  else
    key = :search_rate_limit_unauthenticated
    scope = [context[:request].ip]
    users_allowlist = nil
  end

  if ::Gitlab::ApplicationRateLimiter.throttled_request?(
    context[:request], current_user, key, scope: scope, users_allowlist: users_allowlist
  )
    error_msg = "          _('This endpoint has been requested too many times. Try again later.')\n    ERR\n    raise_resource_not_available_error!(error_msg)\n  end\nend\n".squish